HP 6125G Configuration Manual page 62
Fundamentals configuration guide
Hide thumbs
Also See for 6125G:
- Command reference manual (426 pages) ,
- Configuration manual (379 pages) ,
- Release note (60 pages)
Table of Contents
Advertisement
Step
2.
Associate the HTTPS
service with an SSL server
policy.
3.
Enable the HTTPS service.
4.
Associate the HTTPS
service with a certificate
attribute-based access
control policy.
5.
Specify the HTTPS service
port number.
Command
ip https ssl-server-policy
policy-name
ip https enable
ip https certificate
access-control-policy
policy-name
ip https port port-number
56
Remarks
By default, the HTTPS service is not
associated with any SSL server policy,
and the device uses a self-signed
certificate for authentication.
If you disable the HTTPS service, the
system automatically de-associates the
HTTPS service from the SSL service
policy. Before re-enabling the HTTPS
service, associate the HTTPS service with
an SSL server policy first.
If the HTTPS service has been enabled,
any changes to the SSL server policy
associated with the HTTP service that is
enabled do not take effect.
By default, HTTPS is disabled.
Enabling the HTTPS service triggers an
SSL handshake negotiation process.
During the process, if the local certificate
of the device exists, the SSL negotiation
succeeds, and the HTTPS service can be
started properly. If no local certificate
exists, a certificate application process
will be triggered by the SSL negotiation.
Because the application process takes
much time, the SSL negotiation often fails
and the HTTPS service cannot be started
normally. In that case, execute the ip
https enable command multiple times to
start the HTTPS service.
Optional.
By default, the HTTPS service is not
associated with any certificate-based
attribute access control policy.
Associating the HTTPS service with a
certificate-based attribute access control
policy enables the device to control the
access rights of clients.
You must configure the client-verify
enable command in the associated SSL
server policy. If not, no clients can log in
to the device.
The associated SSL server policy must
contain at least one permit rule.
Otherwise, no clients can log in to the
device.
For more information about certificate
attribute-based access control policies,
see Security Configuration Guide.
Optional.
The default HTTPS service port is 443.
Hide quick links:
Advertisement
Table of Contents
